diff options
Diffstat (limited to 'manifests/agent/generate_sshkey.pp')
-rw-r--r-- | manifests/agent/generate_sshkey.pp | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 6f88f35..f01d2cf 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -10,6 +10,7 @@ define check_mk::agent::generate_sshkey ( #$ssh_key_basepath = "${common::moduledir::module_dir_path}/check_mk/keys", # for now use a dir we know works $ssh_key_basepath = '/etc/puppet/modules/check_mk/keys', + $sshuser = 'root', $check_mk_tag = 'check_mk_sshkey' ){ @@ -21,7 +22,15 @@ define check_mk::agent::generate_sshkey ( $public_key = $public[1] $secret_key = $ssh_keys[0] + # if we're not root we need to use sudo + if $sshuser != 'root' { + $command = 'sudo /usr/bin/check_mk_agent' + } else { + $command = '/usr/bin/check_mk_agent' + } + # setup the public half of the key in authorized_keys on the agent + # and restrict it to running only the agent if $authdir or $authfile { # if $authkey or $authdir are set, override authorized_keys path and file sshd::ssh_authorized_key { $ssh_key_name: @@ -29,7 +38,7 @@ define check_mk::agent::generate_sshkey ( key => $public_key, user => 'root', target => "${authdir}/${authfile}", - options => 'command="/usr/bin/check_mk_agent"'; + options => "command=\"${command}\""; } } else { # otherwise use the defaults @@ -37,7 +46,7 @@ define check_mk::agent::generate_sshkey ( type => 'ssh-rsa', key => $public_key, user => 'root', - options => 'command="/usr/bin/check_mk_agent"'; + options => "command=\"${command}\""; } } |